Composer · packagist.org

oat-sa/extension-tao-testqti

Known Indicator Filename: oat-sa-extension-tao-testqti-ccc36b7/views/build/grunt/bundle.js

Why PkgRadar flagged v50.3.3

Severity	Signal	Evidence
high	Known Indicator Filename	oat-sa-extension-tao-testqti-ccc36b7/views/build/grunt/bundle.js · oat-sa-extension-tao-testqti-ccc36b7/views/build/grunt/bundle.js
medium	Php Shell Call	exec / system / passthru / shell_exec / proc_open — process spawning. · oat-sa-extension-tao-testqti-ccc36b7/manifest.php
medium	Php Shell Call	exec / system / passthru / shell_exec / proc_open — process spawning. · oat-sa-extension-tao-testqti-ccc36b7/models/classes/class.QtiTestCompiler.php
medium	Php Shell Call	exec / system / passthru / shell_exec / proc_open — process spawning. · oat-sa-extension-tao-testqti-ccc36b7/scripts/install/CreateTableForToolsStateStorage.php
medium	Remote Payload	matched "cUrl " · oat-sa-extension-tao-testqti-ccc36b7/test/unit/models/classes/scale/ScaleHandlerTest.php

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v50.3.3`	Review	30	2026-05-27

Block this in CI

PkgRadar gates oat-sa/extension-tao-testqti (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem composer oat-sa/[email protected]